Pages Navigation Menu

The blog of DataDiggers

Categories Navigation Menu

Netflix is pursuing more interactive content, including, maybe, a rom-com

Posted by on Mar 13, 2019 in Bandersnatch, black mirror, Culture, Interactive storytelling, Mumbai, Netflix, reporter, storytelling, Streaming Media, TC | 0 comments

On the heels of its groundbreaking foray into interactive storytelling with the choose-your-own-adventure style “Black Mirror” episode, Bandersnatch, Netflix will look to produce much more interactive entertainment, according to vice president of content, Todd Yellin.

Speaking at the FICCI-Frames conference for Indian media and entertainment in Mumbai, Yellin said in a keynote that audiences could expect many more interactive stories to come from the streaming media service, according to a report in Variety.

“We realized, wow, interactive storytelling is something we want to bet more on,” Yellin reportedly said. “We’re doubling down on that. So expect over the next year or two to see more interactive storytelling.”

One of the things Yellin floated was the idea of a romantic comedy where the audience would choose “will-they or won’t-they”? It sets up the potential for a world where viewers could determine that Ross and Rachel never go on a break.

The initiative would likely require a lot of heavy lifting from writers, editors and actors. Black Mirror took two years to get from concept to screen and involved a lot of heavy lifting from Netflix .

In Bandersnatch, Netflix collaborated with the writers and directors of Black Mirror to develop the technology to support streaming a film that relied on the “branching narrative” storytelling structure that required viewers to pick between choices to advance the story.

Filmed over a seven-week shoot, the filmmaking process took 250 distinct video segments that were stitched together to cover all possible endings, according to a lengthy description of the making of the episode in The Hollywood Reporter.

Bandersnatch doesn’t have an official run time, and viewers can spend anywhere from an hour and a half to two and a half hours to make it until the credits roll.

Netflix’s investment included new technology that the company calls “state tracking” which logs the choices viewers make as they watch the Bandersnatch episode. The company also engineered a new technology that would load the episode without any lags. And Netflix created a new internal writing tool called Branch Manager so that Brooker could write his script and deliver it directly to the company, according to The Hollywood Reporter.

After all of that internal investment, it’s little wonder that Netflix is planning to roll the new narrative framework out in other storylines, or across different titles.

Netflix had previously applied the choose-your-own-adventure style narratives to children’s animated programming, but since the success of Bandersnatch, that is definitely going to be expanding.

“We do want to take a number of gos at this and see what works for different audiences,” Netflix’s director of product innovation, Carla Engelbrecht Fisher told The Hollywood Reporter. “That’s what we’re engaged in now: What are the other kinds of stories that we can tell and that folks are excited to tell? And continuing to unearth this iceberg of opportunity and see what’s there.”


Source: The Tech Crunch

Read More

Facebook won’t let you opt-out of its phone number ‘look up’ setting

Posted by on Mar 4, 2019 in Alex Stamos, computing, Facebook, photo sharing, Privacy, reporter, Security, Social Media, Software, terms of service | 0 comments

Users are complaining that the phone number Facebook hassled them to use to secure their account with two-factor authentication has also been associated with their user profile — which anyone can use to “look up” their profile.

Worse, Facebook doesn’t give you an option to opt-out.

Last year, Facebook was forced to admit that after months of pestering its users to switch on two-factor by signing up their phone number, it was also using those phone numbers to target users with ads. But some users are finding out just now that Facebook’s default setting allows everyone — with or without an account — to look up a user profile based off the same phone number previously added to their account.

The recent hubbub began today after a tweet by Jeremy Burge blew up, criticizing Facebook’s collection and use of phone numbers, which he likened to “a unique ID that is used to link your identity across every platform on the internet.”

Although users can hide their phone number on their profile so nobody can see it, it’s still possible to “look up” user profiles in other ways, such as “when someone uploads your contact info to Facebook from their mobile phone,” according to a Facebook help article. It’s a more restricted way than allowing users to search for user profiles using a person’s phone number, which Facebook restricted last year after admitting “most” users had their information scraped.

Facebook gives users the option of allowing users to “look up” their profile using their phone number to “everyone” by default, or to “friends of friends” or just the user’s “friends.”

But there’s no way to hide it completely.

Security expert and academic Zeynep Tufekci said in a tweet: “Using security to further weaken privacy is a lousy move — especially since phone numbers can be hijacked to weaken security,” referring to SIM swapping, where scammers impersonate cell customers to steal phone numbers and break into other accounts.

Tufekci’s argued that users can “no longer keep keep private the phone number that [they] provided only for security to Facebook.”

Facebook spokesperson Jay Nancarrow told TechCrunch that the settings “are not new,” adding that, “the setting applies to any phone numbers you added to your profile and isn’t specific to any feature.”

Gizmodo reported last year that when a user gives Facebook a phone number for two-factor, it “became targetable by an advertiser within a couple of weeks.”

If a user doesn’t like it, they can set up two-factor without using a phone number — which hasn’t been mandatory for additional login security since May 2018.

But even if users haven’t set up two-factor, there are well documented cases of users having their phone numbers collected by Facebook, whether the user expressly permitted it or not.

In 2017, one reporter for The Telegraph described her alarm at the “look up” feature, given she had “not given Facebook my number, was unaware that it had found it from other sources, and did not know it could be used to look me up.”

WhatsApp, the messaging app also owned by Facebook (alongside Messenger and Instagram), uses your phone number as the primary way to create your account and connect you to its service. Facebook has long had a strategy to further integrate the two services, although it has run into some bumps along the way.

To the specific concerns by users, Facebook said: “We appreciate the feedback we’ve received about these settings and will take it into account.”

Concerned users should switch their “look up” settings to “Friends” to mitigate as much of the privacy risk as possible.

When asked specifically if Facebook will allow users to users to opt-out of the setting, Facebook said it won’t comment on future plans. And, asked why it was set to “everyone” by default, Facebook said the feature makes it easier to find people you know but aren’t yet friends with.

Others criticized Facebook’s move to expose phone numbers to “look ups,” calling it “unconscionable.”

Alex Stamos, former chief security officer and now adjunct professor at Stanford University, also called out the practice in a tweet. “Facebook can’t credibly require two-factor for high-risk accounts without segmenting that from search and ads,” he said.

Since Stamos left Facebook in August, Facebook has not hired a replacement chief security officer.


Source: The Tech Crunch

Read More

Revolut CFO resigns following money laundering controversy

Posted by on Mar 1, 2019 in Bank, Banking, ceo, challenger bank, Drama, Europe, Finance, Financial Conduct Authority, financial services, Japan, jp morgan, money, monzo, N26, North America, reporter, Revolut, Singapore, TC, the telegraph, TransferWise, United Kingdom | 0 comments

This hasn’t been a good week for challenger bank Revolut . The company, which offers digital banking services and is valued at $1.7 billion, confirmed today that embattled CFO Peter O’Higgins has resigned and left the business.

The startup and O’Higgins have been under pressure after a Daily Telegraph report that revealed that Revolt switched off an anti-money laundering system that flags suspect transactions because it was prone to throwing out false positives.

According to the Telegraph, the system was inactive between July-September 2018, which potentially allowed illegal transactions to pass across the banking platform. Revolut did not contact the Financial Conduct Authority to inform the regulator of the lapse, Telegraph reporter James Cook said.

O’Higgins, who joined the company from JP Morgan three years ago, made no mention of the saga in his resignation statement:

Having been at Revolut for almost three years, I am immensely proud to have taken the company from £1m revenue to £50m revenue during this time. However, as Revolut begins to scale globally and applies to become a bank in multiple jurisdictions, the time has come to pass the reigns over to someone who has global retail banking experience at this level. My time at Revolut has been invaluable and I’m so proud of what myself and the team have achieved. There is no doubt in my mind that Revolut will go on to build one of the largest and most trusted financial institutions in the world.

In a separate statement received by TechCrunch, Revolut CEO Nik Storonsky said that O’Higgins had been “absolutely pivotal to our success.”

The resignation caps a terrible few days for Revolut, which was the subject of a report from Wired earlier this week that delved into allegations around its challenging workplace culture and high employee churn rate.

“Former Revolut employees say this high-speed growth has come at a high human cost – with unpaid work, unachievable targets, and high-staff turnover,” wrote guest reporter Emiliano Mellino, citing the experiences of numerous former employees.

Those incidents included prospective staff being told to canvass for new customers as part of the interview process. The candidates were not compensated for their efforts, according to Wired. Revolut later removed the demands from its hiring processes.

Revolut is headquartered in the UK, where it launched its service in the summer of 2015. Today, it claims over four million registered users across Europe — it is available in EEA countries — although it plans to extend its presence to other parts of the world are taking longer than expected.

The company said last year it aims to launch in Singapore and Japan in Q1 of this year — so far neither has happened — while it also harbors North American market plans. Entries to the U.S. and Canada were supposed to happen by the end of 2018, according to an interview with Storonsky at TechCrunch Disrupt in September, but they also appear to have been delayed.

Revolut is generally considered to be the largest challenger bank in Europe, in terms of valuation and registered users, but other rivals include N26, Monzo and Starling. Even Transferwise, the global remittance service, now includes border-less banking features and an accompanying debit card.


Source: The Tech Crunch

Read More

Indian state government leaks thousands of Aadhaar numbers

Posted by on Feb 1, 2019 in aadhaar, bangalore, biometrics, Government, Identification, India, New Delhi, Privacy, Python, reporter, Security, supreme court, Unique Identification Authority of India, United States, VPN | 0 comments

A lapse in security has led to the leaking of over a hundred thousand Aadhaar numbers, TechCrunch can reveal.

One of the web systems used to record attendance of government workers for the Indian state of Jharkhand was left exposed and without a password as far back as 2014, allowing anyone access to names, job titles, and partial phone numbers on 166,000 workers as of the time of writing.

But the photo on each record page used the file name as that worker’s Aadhaar number, a confidential 12-digit number assigned to each Indian citizen as part of the country’s national identity and biometric database.

The data leak isn’t a direct breach of the central database run by Aadhaar’s regulator, the Unique Identification Authority of India (UIDAI), but represents another lapse in responsibility from the authority charged with protecting its data.

Aadhaar numbers aren’t strictly secret but are treated similarly to Social Security numbers. Anyone of the 1.23 billion Indian citizens enrolled in Aadhaar — more than 90 percent of the population — can use their unique number or their thumbprint to verify their identity in order to enroll in state services, like voting, welfare or financial assistance. Aadhaar users can even use their Aadhaar identity to open a bank account, get a SIM card, call an Uber, buy something on Amazon, or rent an Airbnb.

But the system has been plagued with problems that have led to starvation in cases, and the illicit trade of citizen data on the underground market.

It’s unclear why the Jharkhand government site was accessible to anyone who knew where to look, but little effort had been put in to ensure the security of the system — or even hide it from the outside world. The site was easily found on a subdomain of the state government’s website, but for long enough that it was indexed by Google, which cached copies of not only the site itself, but also its attendance record pages that still contain Aadhaar numbers in each worker’s photo.

TechCrunch asked Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, to take a look at the site. Robert has prior experience in revealing Aadhaar-related data leaks. Using less than a hundred lines of Python code, Robert demonstrated that it was easy for anyone to scrape the entire site in batches to download their photos and corresponding Aadhaar numbers.

TechCrunch verified a small selection of Aadhaar numbers from the site using UIDAI’s own verification tool on its website. (We used a VPN in Bangalore as the page was unavailable in the U.S.). Each record came back as a positive match.

After confirming our findings, we reached out to both the Jharkhand government and UIDAI.

Jharkhand’s attendance site leaking worker data. (Image: TechCrunch)

At the time of publication, neither had responded, but the website had been pulled offline.

The exposure may represent a fraction of the billion-plus users registered with Aadhaar, but uncovers yet another inadvertent disclosure of citizen data from a system that UIDAI claims is impenetrable. Instead of learning from mistakes and mishaps, UIDAI instead has shown a long history of rebuffing evidence of security incidents or breaches with mockery and declaring findings as “fake news,” by claiming to refute evidence without presenting any of its own.

The leak of Aadhaar numbers may not be seen as sensitive compared to leaked biometric data. Former attorney general Mukul Rohtagi once called a separate leak of Aadhaar numbers “much ado about nothing.” But it’s raises fears that obtaining and misusing someone’s number could lead to identity theft and fraud — which reportedly peaked last year.

Others have expressed concern that the system puts privacy at risk by recording information on a person’s life, which authorities can use to conduct surveillance on ordinary citizens.

But the exposure alone contradicts the Indian government’s claims that the Aadhaar system as a whole is secure.

In recent years, several security lapses involving data relating to Aadhaar have reignited fresh concerns about the centralized database — including several issues found by Robert. Last year, security researcher Karan Saini, a New Delhi-based security researcher, found a poorly-secured web address used by state-owned utility company Indane that had direct access to the Aadhaar database, allowing him to query results from the system. UIDAI rubbished the reports, baselessly claiming that there was “no truth to this story” in a series of tweets from its official Twitter account, despite evidence to the contrary. In the same year, India’s Tribune newspaper reported that some were selling direct access to the Aadhaar database. UIDAI responded by filing a complaint against the reporter with police.

Despite the security concerns, India’s Supreme Court ruled the database constitutional in September after a long-running court battle.


Got a tip? You can send tips securely over Signal and WhatsApp to +1 646-755–8849. You can also send PGP email with the fingerprint: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.


Source: The Tech Crunch

Read More

Amazon’s barely-transparent transparency report somehow gets more opaque

Posted by on Jan 31, 2019 in amazon alexa, Apps, computing, e-book, Government, Online Music Stores, Privacy, Publishing, reporter, world wide web | 0 comments

Amazon posted its bi-annual report Thursday detailing the number of government data demands it receives.

The numbers themselves are unremarkable, neither spiking nor falling in the second-half of last year compared to the first-half. The number of subpoenas, search warrants and other court orders totaled 1,736 for the duration, down slightly on the previous report. Amazon still doesn’t break out demands for Echo data, but does with its Amazon Web Services content — a total of 175 requests down from 253 requests.

But noticeably absent compared to earlier reports was how many requests the company received to remove data from its service.

In its first-half report, the retail and cloud giant said in among the other demands it gets that it may receive court orders that might demand Amazon “remove user content or accounts.” Amazon used to report the requests “separately” in its report.

Now it’s gone. Yet where freedom of speech and expression is more important than ever, it’s just not there any more — not even a zero.

We reached out to Amazon to ask why it took out removal requests, but not a peep back on why.

Amazon has long had a love-hate relationship with transparency reports. Known for its notorious secrecy — once telling a reporter, “off the record, no comment” — the company doesn’t like to talk when it doesn’t have to. In the wake of the Edward Snowden disclosures, most companies that weren’t disclosing their government data demands quickly started. Even though Amazon wasn’t directly affected by the surveillance scandal, it held out — because it could — but later buckled, becoming the last of the major tech giants to come out with a transparency report.

Even then, the effort Amazon put in was lackluster.

Unlike most other transparency reports, Amazon’s is limited to just two pages — most of which are dedicated to explaining what it does in response to each kind of demand, from subpoenas to search warrants and court orders. No graphics, no international breakdown and no announcement. It’s almost as if Amazon doesn’t want anyone to notice.

That hasn’t changed in years. Where most other companies have expanded their reports — Apple records account deletions, so does Facebook, and Microsoft, Twitter, Google and a bunch more — Amazon’s report has stayed the same.

And for no good reason except that Amazon just can. Now it’s getting even slimmer.


Source: The Tech Crunch

Read More